Cisco probes source code theft
Networking crown jewels aired in public
Cisco has launched an investigation following reports that portions of its core networking operating system source code have been stolen and distributed online.
According to Russian security portal SecurityLab, a hacker boasting he broke into Cisco's internal network and nicked source code for some versions of Cisco's IOS has posted a 2.5MB snippet onto an IRC channel as proof. Around 800MB of code relating to Cisco IOS 12.3 and 12.3t has reportedly been nicked. IOS 12.3 is the latest version of Cisco's software, widely used home office, branch office and enterprise routers. IOS 12.3t is an earlier test version. Access to Cisco's source code might make it easier for hackers to develop exploits.
"Cisco is aware that a potential compromise of its proprietary information occurred and was reported on a public Web site just prior to the weekend," Cisco spokesman Jim Brady told C/Net. "The Cisco information security team is looking into this matter and investigating what happened."
The leak of proprietary source code would be embarrassing for Cisco given its increased focus on security over recent months but far from unprecedented within the industry. Source code for parts of Windows 2000 and Windows NT were leaked to the Internet back in February prompting a minor security flap. ®
How to hack a network in nine easy steps
Cisco IOS DoS exploit released in the wild
MS Windows source code escapes onto Internet
Windows leak dangers exaggerated
Half Life 2 leak means no launch for Christmas